XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. save username/password in ssl vpn login dialog

    Would be nice to be able to have a checkbox to save username/password for Sophos SSL VPN client, as this was before in Cyberoam SSL VPN Client. Optional. also Start with Windows (autostart) checkbox would be nice too.

    60 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    20 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  2. AD join domain

    Using the Sophos SSO agent is nice and give us improvement but it is a service and can be affected to service stop or other service related issue.
    Using domain integration is easy form Administrator to manage even when a new Domain Controller is added. So allow us to join AD domain using even the "UTM9 old method". Of course you have to allow us to assign a name to XG firewall, which at the moment is missing.

    44 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  3. 42 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  4. sandstorm for home users for free

    Please unlock Sandstorm for XG home but please let sophos xg be a free software!

    41 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  5. schedule time for the Business Rules Applications

    Set the schedule for the Business Rules Applications rules would be an important thing to enter.
    Thanks
    Carlo

    39 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  Webserver Protection  ·  Flag idea as inappropriate…  ·  Admin →

    We are removing the idea of Business Application Rules in version 18. Instead, there will be Webserver Protection rules for configuring WAF services and separated NAT configuration for when you just want to use DNAT. The DNAT options will inherit by the regular firewall rule schedule capability. Webserver protection/WAF rules will not yet have the ability to set schedules. If this is required for WAF, please transfer your vote to this item:
    https://ideas.sophos.com/forums/330219-xg-firewall/suggestions/39186325-schedule-waf-rules

  6. Drag and drop

    On XG GUI there is so much space on the left that drag and drop can be easily implemented like UTM9.
    The small windows with list is not very useful when you need to add more object with different name and selecting the check box on each one. Please implement drag & drop as UTM9.
    Best UI ever!

    35 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    6 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  7. CRONjob

    Keep the XG flexible by starting cronjobs. Crontab would be great!

    28 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  8. Select individual wan interface for vpn


    1. I have noticed that the Cisco VPN client has the option of choosing which WAN interface on the firewall is to be bound to for SSLVPN
      This feature is NOT available on the sophos vpn client
      Please put this a default because if Cisco client is not available then we have t use the sophos vpn client and this feature is necessary


    2. There is no dedicated filter option for SSLVPN in the log viewer instead it is going under system view which is wrong


    26 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  9. Installation: Do not run DHCP Server by default on LAN

    After installation there is a DHCP server running on the LAN port, this should not be the case without explicitly enabling it during installation.

    26 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  10. Not able to see live bandwidth

    Dear Team,

    in current Version Mr-3 Is Not Showing a Which user or ip usages a High Bandwidth i request you please *** this in next version

    25 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  11. Lots of features missing or half done.

    Sophos XG
    - Wildcard WAF
    - Overall, allow wildcard domains.
    - Relay SMTP Outbound
    - Many default objects such as Any IPv6 etc. network interfaces etc.
    - Rename PORT objects.
    - USB Network dongle
    - Single object management
    - Disable Wireless feature (completely)
    - Disable HA when not in use
    - Still missing create object options in certain configuration options such as EMail protection category.
    - 6RD support ; https://www.onsbrabantnet.nl/IPV6/
    - Redicilous name requirements for tunnel names.

    23 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    7 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  12. Use McAfee database for Webfiltering

    Please use McAfee website databases from UTM again!
    Please vote this feature!

    22 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. Sophos Cloud Deployment Behind an XG -Firewall(Initial deployment)

    Security heartbeat is indeed a great innovtion.But issue comes ,when it comes to deployment of sophos cloud in a corporate/Enterprise network with 500 odd users.Rite now,Installer which is delivered over mail which is a quick installer & some 150 +MB need to get downloaded from internet each time a user clicks on setup link eating about 30 minutes for installation on a single client machine.So how much time for a 500 user network & load it takes on network.
    So most IT administrators reluctant to go for cloud deployment when it comes head-office deployments.
    So this idea deals with an…

    20 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Synchronized Security (Heartbeat)  ·  Flag idea as inappropriate…  ·  Admin →
  14. Change Serial Number

    Provide a way to change the serial number (maybe using cli). Reinstalling the appliance requires times and downtime (if HA is not in place).

    19 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  15. Scan files without size limit

    Please make us able to deactivate size Limit in Realtime scanning mode.
    Please vote it!

    18 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Declined  ·  1 comment  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. Web Filtering Category with coinminer type website

    In asia so many bitcoin miner case.
    Taiwan was test target with many countrys.
    so many business customer want to detect inside or outside problem with miner attcked.
    but some miner website is normal and legal.
    Just hacking category can't include all miner webside, just only inlegal webside is not enough.
    Endpoint protection this product has application contral with miner type category.
    so why in XG can't do this?

    17 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Declined  ·  0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. DSCP on Business Application Rule

    DSCP is a new feature but can be only used on User/Network rule. I would like to see the DSCP even on BAR in order to better manage multiple ISP.
    Cyberoam has this feature.
    Thanks.

    16 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Webserver Protection  ·  Flag idea as inappropriate…  ·  Admin →
  18. WAN Optimization

    We are waiting for a feature called "WAN Optimization" or "WAAS".

    15 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  19. Configure Hotspot users for backend authentication on XG Firewall

    Configure Hotspot users for backend authentication on XG Firewall.
    there is no such option in the new version of XG Firewall

    14 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  20. Allow Ping using Business Application Rule

    When creating an Alias (System > Network > Interfaces > Add Alias) and then creating a Business Application Policy for the external address


    • Business Application Policy does not have an option to forward pings through to the Internal Server

    Currently it is only possible if Forward All Ports is selected from the Business Application rule

    -
    

    12 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 6 7 8
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.